~jpastuszek/blog#56: 
Post: Security on Desktop computers is non-existent

ACLs offer binary protection: you are user or root; and they only protect the system. If you run rm -Rf / the system will be OK but all your work and documents will be gone! The OS can be reinstalled but your work had better be backed up. Worst is that any program running on your computer can exfiltrate your work and ask for ransom.

So ACLs offer no useful protection for the Desktop computer user. Also, due to a fundamental flaw in ACLs called the "Confused Deputy", this system can be worked around, leading to permission escalation - every year one or more is found in Linux; every month many are found in Windows; so ACLs are broken by design!

http://waterken.sourceforge.net/aclsdont/current.pdf

Status: REPORTED
Submitter: ~jpastuszek
Assigned to: No-one
Submitted: 4 years ago
Updated: 4 years ago
Labels: No labels applied.
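
The "Confused Deputy" flaw named in the post, shown as an added example that is not part of the original post. It is a constructed in-memory model (all names hypothetical) of the classic compiler and billing-file scenario: under ACLs the deputy opens a caller-supplied name with its own identity, while in the capability style the caller must open the output itself and pass the handle.

```python
# Constructed in-memory model; every name here is hypothetical.
BILL = "/sysx/bill"          # writable only by the compiler service
OUT = "/home/alice/out.o"    # alice's own output file

class AclFs:
    def __init__(self):
        # ACL: path -> principals allowed to write
        self.acl = {BILL: {"compiler"}, OUT: {"alice", "compiler"}}
        self.files = {BILL: "alice owes 10"}

    def open_write(self, principal, path):
        """ACL check: decided by who asks, not on whose behalf they ask."""
        if principal not in self.acl.get(path, set()):
            raise PermissionError(f"{principal} may not write {path}")
        def write(data):
            self.files[path] = data
        return write  # the open handle behaves like a capability

def charge(fs):
    fs.open_write("compiler", BILL)(fs.files[BILL] + "; +1 compile")

def compile_acl(fs, source, out_path):
    """ACL style: the deputy gets a *name* and opens it with its own identity."""
    fs.open_write("compiler", out_path)(f"obj({source})")
    charge(fs)

def compile_cap(fs, source, out_handle):
    """Capability style: the caller had to open the output itself."""
    out_handle(f"obj({source})")
    charge(fs)

def run_acl_style():
    fs = AclFs()
    compile_acl(fs, "x", BILL)  # alice names the billing file as her output
    return fs.files[BILL]       # original billing record is gone

def run_cap_style():
    fs = AclFs()
    try:
        handle = fs.open_write("alice", BILL)  # checked against alice
    except PermissionError:
        handle = fs.open_write("alice", OUT)   # all she can designate
    compile_cap(fs, "x", handle)
    return fs.files[BILL], fs.files[OUT]

if __name__ == "__main__":
    print(run_acl_style())
    print(run_cap_style())
```

In the ACL run the billing record is overwritten even though alice has no write access to it; in the capability run her attempt fails at her own open call and the record survives.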